[thelist] Storing CC Information [was: Specific Ecommerce Requirements]

Hershel Robinson hershel at galleryrobinson.com
Tue Oct 17 12:36:55 CDT 2006


 >> But that's the answer--put in the MySQL DB. Many ecommerce packages 
do this by anyway--even if they do place the charge automatically at 
checkout time.
 >
 > And they shouldn't.  You don't keep people's CC
 > numbers any longer than is absolutely necessary
 > (unless you want to comply with the processors'
 > data security reqs [tip: you don't] and/or get
 > ejected by your card company).

FWIW, this I received from a US lawyer:

<quote>
Since you are not sharing or selling credit card information, there are
no specific restrictions or regulations concerning the storage of credit
card information that I could find, other than any requirements imposed
by your bank or credit card processor, which would be contractual.
</quote>

Hershel

-- 
Web Site Construction by Gallery Robinson
http://galleryrobinson.com/




More information about the thelist mailing list